BLADELOGIC, INC.

BLADELOGIC, INC. Patent applications

Patent application number

Title

Published

20140237560

SECURITY CONTEXT PASSING FOR STATELESS SYSTEM MANAGEMENT - Systems and methods for stateless system management are described. Examples include a method wherein a user sends the management system a request to act upon a managed system. The management system determines whether the user is authorized for the requested action. Upon authorization, the management system looks up an automation principal, which is a security principal native to the managed system. The management system retrieves connecting credentials for the automation principal, and connects to the managed system using the retrieved credentials. Once the managed system is connected, the management system performs the requested action on the managed system, and sends the result back to the user.

08-21-2014

20130311773

SECURE CREDENTIAL STORE - A credential store provides for secure storage of credentials. A credential stored in the credential store is encrypted with the public key of a user owning the credential. A first user may provide a credential owned by the first user to a second user. The first user may add credentials owned by the first user to the credential store. An administrator may manage users of the credential store without having the ability to provide credentials to those users.

11-21-2013

20130232248

METHOD AND SYSTEM FOR SIMPLIFYING DISTRIBUTED SERVER MANAGEMENT - A method and system for managing a large number of servers and their server components distributed throughout a heterogeneous computing environment is provided. In one embodiment, an authenticated user, such as an IT system administrator, can securely and simultaneously control and configure multiple servers, supporting different operating systems, through a “virtual server.” A virtual server is an abstract model representing a collection of actual target servers. To represent multiple physical servers as one virtual server, abstract system calls that extend execution of operating-system-specific system calls to multiple servers, regardless of their supported operating systems, are used. A virtual server is implemented by a virtual server client and a collection of virtual server agents associated with a collection of actual servers.

09-05-2013

20130103808

METHOD AND SYSTEM FOR EXECUTING AND UNDOING DISTRIBUTED SERVER CHANGE OPERATIONS - A method and system for executing and undoing distributed server change operations for a collection of server objects across multiple target servers in a transaction-safe manner is provided. In one embodiment, server change operations for a collection of server objects, such as files and configuration file entries, are specified in a transaction package. The target servers to which the specified change operations are directed are also identified in the transaction package. Parameter values for each of the identified target servers are specified through a parameter file in the transaction package. The transaction package is sent to the identified target servers, which execute the change operations on the target servers in a transaction-safe manner using these parameter values.

04-25-2013

20120254113

Continuous Content Sharing Through Intelligent Resolution of Federated Hierarchical Graphs - Systems, methods and computer readable media for continuous content sharing between systems through intelligent resolution of federated hierarchical graphs are described. A Multi-Topology Middleman (MTM) is used between the source and target systems to handle the content sharing. The MTM builds on traditional import/export infrastructure; it tracks the import/export of individual objects between systems. When a conflict is found between systems, the MTM learns the conflict resolution and stores the conflict resolution as a rule for the conflicting object, and applies the rule for subsequent import/export processes on that object. The MTM also tracks the mapping of objects between the source and target systems and updates the target object in accordance with a change in the source object. The MTM is also capable of undoing the import process.

10-04-2012

20120166317

Auto-Suggesting IT Asset Groups Using Clustering Techniques - An information technology (IT) asset management system provides for logically grouping IT assets and performing actions on the logical groups. Cluster analysis techniques are used to analyze the configuration data corresponding to IT assets in the IT asset management system, generating proposed logical groups from the clusters determined by the cluster analysis techniques. A system administrator may be allowed to accept or reject the proposed logical groups.

06-28-2012

20110296499

Security Context Passing for Stateless System Management - Systems and methods for stateless system management are described. Examples include a method wherein a user sends the management system a request to act upon a managed system. The management system determines whether the user is authorized for the requested action. Upon authorization, the management system looks up an automation principal, which is a security principal native to the managed system. The management system retrieves connecting credentials for the automation principal, and connects to the managed system using the retrieved credentials. Once the managed system is connected, the management system performs the requested action on the managed system, and sends the result back to the user.

12-01-2011

20110293096

Multi-Level Key Management - A key manager provides a way to separate out the management of encryption keys and policies from application domains. The key manager may create cipher objects that may be used by the domains to perform encryption or decryption, without exposing the keys or encryption/decryption algorithms to the domains. A master key managed by the key manager may be used to encrypt and decrypt the domain keys that are stored under the control of the key manager. The key manager supports the rekeying of both the master key and the domain keys based on policy. Multiple versions of domain keys may be supported, allowing domains to access data encrypted with a previous version of a domain key after a rekeying.

12-01-2011

20110238805

Topology Aware Smart Merge - Systems, methods, and computer readable media for managing the configuration of topologically related network devices are described. In general, devices that are “topologically related” are devices that are functionally coupled in some way (e.g., network switches sharing a common trunk line or network routers providing common router services in accordance with an established priority scheme). Specifically, techniques are disclosed for verifying or changing the configuration of a first network device based on the configuration of a second, topologically related, network device. Configuration policies (or rules) are described that are used to “bridge” the configuration of one device with that of another device.

09-29-2011

20110138025

Systems and Methods for Extensible Distributed Configuration Management - Systems and methods for extensible distributed configuration management of computer resources are described. Examples include a computer system including a processing unit and a storage device that stores a model definition and one or more asset plug-ins (each of the one or more asset plug-ins configured to expose at least one asset object that represents a computer resource). The computer system further includes memory that stores an asset model created based at least in part on the model definition, and a network interface configured to deploy to at least one managed system a compatible asset plug-in (the model definition including at least one conditional reference to the compatible asset plug-in). If a condition specified within the asset model is satisfied the processing unit selects the compatible asset plug-in for deployment, the condition being defined within the model definition and designated as applicable to the at least one conditional reference.

06-09-2011

20100228750

Systems and Methods for Digital File Change Monitoring - Systems and methods for monitoring changes to a digital file are described. Examples include a computer system for monitoring digital file changes that includes a processing unit that accepts a request to write an input data stream to a first file accessible within the computer system, and a storage device coupled to the processing unit and including a second file (the first file being a virtualized representation of the second file). The processing unit parses an input attribute from the input data stream, wherein the attribute includes an input identifier and an associated input value. The processing unit signals an event if the input attribute matches an identifier designated as a monitored attribute identifier of the second file.

09-09-2010

20100161965

Secure Credential Store - A credential store provides for secure storage of credentials. A credential stored in the credential store is encrypted with the public key of a user owning the credential. A first user may provide a credential owned by the first user to a second user. The first user may add credentials owned by the first user to the credential store. An administrator may manage users of the credential store without having the ability to provide credentials to those users.

06-24-2010

20100106680

VENDOR PORTFOLIO MANAGEMENT IN SUPPORT OF VENDOR RELATIONSHIP MANAGEMENT ANALYSIS, PLANNING AND EVALUATION - Various examples include a system and methods in support of vendor relationship management, analysis, planning and evaluation including dealing with collections of vendors called vendor portfolios. In various examples the system includes a database, vendor portfolio definer, a vendor portfolio populator, and a vendor portfolio analyzer. The database houses vendor data. In various examples the vendor portfolio definer allows vendor portfolios to be created, metadata, including complex documents, to be associated with vendor portfolios, and user access permissions to be assigned to vendor portfolios. In various examples the vendor portfolio populator facilitates user selection of the vendors that will make up the collection of vendors in the vendor portfolio. The vendor portfolio analyzer analyzes a business metric using vendor portfolios. In various examples the vendor portfolio analyzer allows a user to perform what-if analysis on vendor portfolios. In various examples the vendor portfolio definer includes a risk management definer, the vendor portfolio populator includes a risk management screener, and the vendor portfolio analyzer includes a risk manager to facilitate managing vendors based on the organizational risk they pose. In various examples the database contains information about obligations owed to and from a vendor and the vendor portfolio analyzer includes an obligation analyzer to analyze the organizational impact of vendor obligations.

04-29-2010

20100106656

SYSTEMS AND METHODS TO SUPPORT INFORMATION TECHNOLOGY BUSINESS DECISIONS - Various embodiments include methods and systems to support IT business decision making, including a data correlator and business, configuration, risk, and application management databases. The business management database contains information pertaining to services offered by IT and other IT business information. The configuration management database contains operational data including the resources required by IT's offered services. The risk management database contains operational constraints on the organization by external sources, such as industry practices or government regulations. The application management database contains information about projects and applications that are in development but not currently operational including resources required by IT's services now or in the future. The data correlator defines relationships between related data residing in one or more of the databases, allowing a single convenient location to access data useful in making business decisions for an organization's information technology department. In various embodiments the data correlator includes a what-if analyzer to model decisions and determine the impact of those decisions. In various embodiments snapshots may be taken of the configuration management database to be used later to determine the operational state at a previous time and assess changes to the configuration management database between that time and the present.